x-longform-writer

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow involves executing local binaries and Python scripts, such as 'baoyu-article-illustrator' and 'weapon_search.py'. In Phase 3, the agent is instructed to pass user-provided keywords directly into a shell command ('python3 weapon_search.py "关键词"'), which presents a risk of command argument injection.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection.
      • Ingestion points: Untrusted user input, including article topics, voice transcripts, and drafts, is loaded into the agent's context ('SKILL.md' Phases 1 and 4).
      • Boundary markers: The instructions lack explicit markers or delimiters to separate user data from system instructions.
      • Capability inventory: The skill has the ability to execute local shell commands and scripts ('SKILL.md' Phases 3 and 8).
      • Sanitization: No sanitization or filtering of external content is specified before it is used in logic or commands.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 5, 2026, 08:10 AM
Security Audit — agent-trust-hub — x-longform-writer